K8s:离线部署Kubernetes1.26.12及采用外部Harbor

本文详细介绍了在离线环境下使用KubeKey部署KubeSphere集群的完整流程。主要内容包括：1）在联网服务器下载KubeKey工具、获取镜像列表并构建离线安装包；2）在离线服务器创建配置文件，配置私有镜像仓库信息；3）通过KubeKey命令执行离线安装。

一、离线环境

CPU:Hygon C86 7285 32-core Processor
操作系统：麒麟操作系统
containerd：1.7.27
Harbor:2.13.1

二、一台能上互联网的服务器

2.1、下载KubeKey3.1.10

https://kubernetes.pek3b.qingstor.com/kubekey/releases/download/v3.1.10/kubekey-v3.1.10-linux-amd64.tar.gz

解压后，会有 KubeKey 二进制文件 kk。
#tar -zxvf kubekey-v3.1.10-linux-amd64.tar.gz

2.2、获取kubesphere版本信息及镜像列表

https://get-images.kubesphere.io/ 

镜像列表文件如下：

文件名	描述
kubesphere-images.txt	包含 KubeSphere 及扩展组件涉及的所有镜像，以及在华为云的镜像地址，可根据该文件中的列表将镜像同步至离线仓库中。
kk-manifest.yaml	包含 KubeSphere 及扩展组件涉及的所有镜像，可使用 kk 快速构建离线包。
kk-manifest-mirror.yaml	包含华为云镜像仓库中 KubeSphere 及扩展组件涉及的所有镜像。访问 DockerHub 受限时可使用该 manifest 文件构建离线包。

2.3、创建 manifest 文件

# chmod +x kk
./kk create manifest --with-kubernetes v1.26.12  --with-registry
使用 kk 离线部署镜像仓库，添加 --with-registry 打包镜像仓库的安装文件
该命令将创建一个 manifest-sample.yaml 文件。

 2.4、编辑 manifest 文件

#vi manifest-sample.yaml
复制kk-manifest-mirror.yaml（若访问 DockerHub 受限） 中的镜像列表，添加到新创建的 manifest-sample.yaml 文件中。

 

apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Manifest
metadata:
  name: sample
spec:
  arches:
  - amd64
  operatingSystems: []
  kubernetesDistributions:
  - type: kubernetes
    version: v1.26.12
  components:
    helm: 
      version: v3.14.3
    cni: 
      version: v1.2.0
    etcd: 
      version: v3.5.13
    containerRuntimes:
    - type: docker
      version: 24.0.9
    - type: containerd
      version: 1.7.13
    calicoctl:
      version: v3.27.4
    crictl: 
      version: v1.29.0
    docker-registry:
      version: "2"
    harbor:
      version: v2.10.1
    docker-compose:
      version: v2.26.1
  images:
  - registry.cn-beijing.aliyuncs.com/kubesphereio/pause:3.9
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kube-apiserver:v1.26.12
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kube-controller-manager:v1.26.12
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kube-scheduler:v1.26.12
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kube-proxy:v1.26.12
  - registry.cn-beijing.aliyuncs.com/kubesphereio/coredns:1.9.3
  - registry.cn-beijing.aliyuncs.com/kubesphereio/k8s-dns-node-cache:1.22.20
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kube-controllers:v3.27.4
  - registry.cn-beijing.aliyuncs.com/kubesphereio/cni:v3.27.4
  - registry.cn-beijing.aliyuncs.com/kubesphereio/node:v3.27.4
  - registry.cn-beijing.aliyuncs.com/kubesphereio/pod2daemon-flexvol:v3.27.4
  - registry.cn-beijing.aliyuncs.com/kubesphereio/typha:v3.27.4
  - registry.cn-beijing.aliyuncs.com/kubesphereio/flannel:v0.21.3
  - registry.cn-beijing.aliyuncs.com/kubesphereio/flannel-cni-plugin:v1.1.2
  - registry.cn-beijing.aliyuncs.com/kubesphereio/cilium:v1.15.3
  - registry.cn-beijing.aliyuncs.com/kubesphereio/operator-generic:v1.15.3
  - registry.cn-beijing.aliyuncs.com/kubesphereio/hybridnet:v0.8.6
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kube-ovn:v1.10.10
  - registry.cn-beijing.aliyuncs.com/kubesphereio/multus-cni:v3.8
  - registry.cn-beijing.aliyuncs.com/kubesphereio/provisioner-localpv:3.3.0
  - registry.cn-beijing.aliyuncs.com/kubesphereio/linux-utils:3.3.0
  - registry.cn-beijing.aliyuncs.com/kubesphereio/haproxy:2.9.6-alpine
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kube-vip:v0.7.2
  - registry.cn-beijing.aliyuncs.com/kubesphereio/kata-deploy:stable
  - registry.cn-beijing.aliyuncs.com/kubesphereio/node-feature-discovery:v0.10.0
## ks-corenew
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-apiserver:v4.1.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-console:v4.1.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-controller-manager:v4.1.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.16
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/redis:7.2.4-alpine
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/haproxy:2.9.6-alpine
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-extensions-museum:v1.1.2
  ## devops
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-apiserver:v4.1.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-controller:v4.1.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-tools:v4.1.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-jenkins:v4.1.2-2.346.3
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jenkins/inbound-agent:4.10-2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-base:v3.2.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-nodejs:v3.2.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.1-jdk11
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-python:v3.2.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.16
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.17
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.18
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-base:v3.2.2-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-nodejs:v3.2.0-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.0-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.1-jdk11-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-python:v3.2.0-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.0-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.16-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.17-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.18-podman
  - swr.cn-southwest-2.myhuaweicloud.com/ks/argoproj/argocd:v2.3.3
  - swr.cn-southwest-2.myhuaweicloud.com/ks/argoproj/argocd-applicationset:v0.4.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/dexidp/dex:v2.30.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/library/redis:6.2.6-alpine
  ## gatekeeper
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/gatekeeper-extension-apiserver:v1.0.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
  - swr.cn-southwest-2.myhuaweicloud.com/ks/openpolicyagent/gatekeeper:v3.14.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/openpolicyagent/gatekeeper-crds:v3.14.0
  ## gateway
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/nginx-ingress-controller:v1.4.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/gateway-apiserver:v1.0.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/gateway-controller-manager:v1.0.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.16
  ## grafana
  - swr.cn-southwest-2.myhuaweicloud.com/ks/curlimages/curl:7.85.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/grafana:10.4.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/library/busybox:1.31.1
  ## kubeedge
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubeedge/iptables-manager:v1.13.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubeedge/cloudcore:v1.13.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubeedge/controller-manager:v1.13.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubeedge-proxy:v0.4.1
  ## kubefed
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubefed-extension:v1.0.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubefed:v0.8.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.4
  ## loki
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
  - swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/loki:3.0.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/loki-helm-test:ewelch-distributed-helm-chart-17db5ee
  - swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/loki-canary:3.0.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/nginxinc/nginx-unprivileged:1.24-alpine
  - swr.cn-southwest-2.myhuaweicloud.com/ks/library/memcached:1.6.23-alpine
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prom/memcached-exporter:v0.14.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kiwigrid/k8s-sidecar:1.24.3
  - swr.cn-southwest-2.myhuaweicloud.com/ks/minio/minio:RELEASE.2022-09-17T00-09-45Z
  - swr.cn-southwest-2.myhuaweicloud.com/ks/minio/mc:RELEASE.2022-09-16T09-16-47Z
  ## metrics-server
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/metrics-server:v0.7.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/addon-resizer:1.8.20
  ## network
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/network-extension-apiserver:v1.1.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/network-extension-controller:v1.1.0
  ## openpitrix
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/apps-manage:v2.0.1
  ## opensearch
  - swr.cn-southwest-2.myhuaweicloud.com/ks/opensearchproject/opensearch:2.8.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/library/busybox:1.35.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/opensearch-curator:v0.0.5
  - swr.cn-southwest-2.myhuaweicloud.com/ks/opensearchproject/opensearch-dashboards:2.8.0
  ## servicemesh
  - swr.cn-southwest-2.myhuaweicloud.com/ks/istio/pilot:1.16.5
  - swr.cn-southwest-2.myhuaweicloud.com/ks/istio/proxyv2:1.16.5
  - swr.cn-southwest-2.myhuaweicloud.com/ks/istio/istioctl:1.16.5
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.4
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kiali-operator:v1.59.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kiali:v1.59
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-operator:1.35.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-agent:1.35
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-collector:1.35
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-query:1.35
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-es-index-cleaner:1.35
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/servicemesh-apiserver:v0.1.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/servicemesh-controller-manager:v0.1.0
  ## storage-utils
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/storageclass-accessor:v0.2.5
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/snapshot-controller:v4.2.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/snapshotclass-controller:v0.0.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/pvc-autoresizer:v0.3.1
  ## tower
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/tower:v0.2.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/tower-extension:v1.0.0
  ## vector
  - swr.cn-southwest-2.myhuaweicloud.com/ks/timberio/vector:0.39.0-debian
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/vector-config:v0.2.1
  ## whizard-alerting
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-alerting-apiserver:v1.0.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-alerting-controller-manager:v1.0.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/thanosio/thanos:v0.36.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/cortex-tenant:v1.12.5
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-config-reloader:v0.75.1
  ## whizard-events
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kube-events-exporter:v0.8.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jimmidyson/configmap-reload:v0.9.0
  ## whizard-logging
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/log-sidecar-injector:v1.3.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/jimmidyson/configmap-reload:v0.9.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/elastic/filebeat:6.7.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/timberio/vector:0.39.0-debian
  - swr.cn-southwest-2.myhuaweicloud.com/ks/library/alpine:3.14
  ## whizard-monitoring
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kube-state-metrics:v2.12.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubespheredev/kube-webhook-certgen:v20221220-controller-v1.5.1-58-g787ea74b6
  - swr.cn-southwest-2.myhuaweicloud.com/ks/thanosio/thanos:v0.36.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/brancz/kube-rbac-proxy:v0.18.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-config-reloader:v0.75.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-operator:v0.75.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus/node-exporter:v1.8.1
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus/prometheus:v2.51.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/dcgm-exporter:3.3.5-3.4.0-ubuntu22.04
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/process-exporter:0.5.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/nginxinc/nginx-unprivileged:1.24
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/calico-exporter:v0.3.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-monitoring-helm-init:v0.1.0
  ## whizard-notification
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kube-rbac-proxy:v0.11.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/alertmanager-proxy:v0.2.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/notification-manager-operator:v2.5.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/notification-manager:v2.5.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/notification-tenant-sidecar:v4.0.2
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus/alertmanager:v0.27.0
  - swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-config-reloader:v0.75.1
  ## whizard-telemetry
  - swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-telemetry-apiserver:v1.2.2
  registry:
    auths: {}

2.5、构建离线包

./kk artifact export -m manifest-sample.yaml -o kubesphere.tar.gz 

三、一台离线服务器

3.1、依赖项要求

依赖项	Kubernetes 版本 ≥ 1.18	Kubernetes 版本 < 1.18
socat	必须	可选，但建议安装
conntrack	必须	可选，但建议安装
ebtables	可选，但建议安装	可选，但建议安装
ipset	可选，但建议安装	可选，但建议安装

如何安装socat、conntrack，详见我另外一篇博客《k8s:离线添加集群节点的相关组件安装与升级》

将联网主机 上的二个文件同步至离线环境的 master 节点。

kk（KubeKey3.1.10的解压文件）

kubesphere.tar.gz

3.2、创建配置文件config-sample.yaml(私有仓库）

# chmod +x kk
./kk create config --with-kubernetes v1.26.12

命令执行完毕后将生成安装配置文件 config-sample.yaml。

3.3、编辑config-sample.yaml配置

注：资源有限，仅部署在一台服务器中。

vi config-sample.yaml

apiVersion: kubekey.kubesphere.io/v1alpha2

kind: Cluster

metadata:

  name: sample

spec:

  hosts:

  - {name: master, address: 172.23.123.117, internalAddress: 172.23.123.117, user: root, password: "@datatom66"}

  roleGroups:

    etcd:

    - master

    control-plane:

    - master

    worker:

    - master

  controlPlaneEndpoint:

    domain: “”

    address: "172.23.123.117"

    port: 6443

  kubernetes:

    version: v1.26.12

    clusterName: cluster.local

    autoRenewCerts: true

    containerManager: containerd

  etcd:

    type: kubekey

  network:

    plugin: calico

    kubePodsCIDR: 10.233.64.0/18

    kubeServiceCIDR: 10.233.0.0/18

    multusCNI:

      enabled: false

  registry:

    auths:

      "172.23.123.117:8443":

        username: "admin"

        password: "Harbor12345"

    privateRegistry: "172.23.123.117:8443"

    namespaceOverride: "kubesphereio"

    registryMirrors: []

    insecureRegistries:

      - "172.23.123.117:8443"

  addons: []

1. 1. 1. 1. spec:hosts 参数下设置各服务器的信息

参数	描述
name	用户自定义的服务器名称。
address	服务器的 SSH 登录 IP 地址。
internalAddress	服务器在子网内部的 IP 地址。
port	服务器的 SSH 端口号。如果使用默认端口 22 可不设置此参数。
user	服务器的 SSH 登录用户名，该用户必须为 root 用户或其他具有 sudo 命令执行权限的用户。如果使用 root 用户可不设置此参数。
password	服务器的 SSH 登录密码。如果已经设置 privateKeyPath 可不设置此参数。
privateKeyPath	服务器的 SSH 登录密钥的路径。如果已经设置 password 可不设置此参数。
arch	服务器的硬件架构。如果服务器的硬件架构为 Arm64，请将此参数设置为 arm64，否则请勿设置此参数。安装包默认仅支持所有集群节点都为 x86_64 或 arm64 架构的场景。如果各集群节点的硬件架构不完全相同，请联系 KubeSphere 技术支持团队。

1. 1. 1. 1. spec:roleGroups 参数下设置服务器的角色：

参数	描述
etcd	安装 etcd 数据库的节点。请在此参数下设置集群控制平面节点。
control-plane	集群控制平面节点。如果您已经为集群配置了高可用性，您可以设置多个控制平面节点。
worker	集群工作节点。
registry	用于创建私有镜像服务的服务器。该服务器不会用作集群节点。 安装、升级 KubeSphere 时，如果集群节点无法连接互联网，需要在此参数下设置用于创建私有镜像服务的服务器。其他情况下请将此参数注释掉。

3.4、将kubesphere.tar.gz的jar推送到harbor

下次再写如何推送jar到harbor库。

3.5、安装 Kubernetes1.26.12

./kk create cluster -f config-sample.yaml -a /app/KubeSphere/setup/kubesphere.tar.gz  --with-local-storage  

 

如果显示如下信息，则表明 Kubernetes 集群创建成功。 

类型	命令示例	说明
在线安装	./kk create cluster -f config.yaml	自动从互联网下载 Kubernetes、Docker、KubeSphere 等镜像和二进制文件
离线安装	./kk create cluster -f config-sample.yaml -a /path/to/offline.tar.gz --with-local-storage	使用本地打包好的离线包（包含所有镜像和组件）进行部署，适用于无公网环境

• KubeKey 会做以下几件事：

解析 kubesphere.tar.gz 中的内容

包含：Kubernetes 各组件镜像、CNI 插件、KubeSphere 组件等

提供部署所需的二进制文件、YAML 模板、Docker 镜像元数据

生成 /etc/kubernetes/manifests/ 下的静态 Pod 文件

如：kube-apiserver.yaml, kube-controller-manager.yaml 等

这些文件依赖于 kubesphere.tar.gz 中的信息

生成集群证书、配置文件、节点配置脚本等

启动 kubelet 并触发控制平面 Pod 被创建